GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
24 advisories
Filter by severity
Server-Side Request Forgery in unoconv
High
CVE-2019-17400
was published
for
unoconv
(pip)
Oct 24, 2019
graphite.composer.views.send_email vulnerable to SSRF
High
CVE-2017-18638
was published
for
graphite-web
(pip)
Oct 25, 2019
Server-side Request Forgery (SSRF) via img tags in reportlab
High
CVE-2020-28463
was published
for
reportlab
(pip)
Mar 29, 2021
Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks
High
CVE-2021-33571
was published
for
Django
(pip)
Jun 10, 2021
Server-Side Request Forgery in scout-browser
High
CVE-2022-1592
was published
for
scout-browser
(pip)
May 6, 2022
Heartex - Label Studio Community Edition vulnerable to SSRF in the Data Import module
High
CVE-2022-36551
was published
for
label-studio
(pip)
Oct 4, 2022
Server-Side Request Forgery in Plone CMS
High
CVE-2021-33926
was published
for
Plone
(pip)
Feb 17, 2023
CairoSVG improperly processes SVG files loaded from external resources
High
CVE-2023-27586
was published
for
CairoSVG
(pip)
Mar 20, 2023
Apache Airflow denial of service vulnerability
High
CVE-2023-37379
was published
for
apache-airflow
(pip)
Aug 23, 2023
GeoNode vulnerable to SSRF Bypass to return internal host data
High
CVE-2023-42439
was published
for
GeoNode
(pip)
Sep 20, 2023
LangChain Server Side Request Forgery vulnerability
High
CVE-2023-46229
was published
for
langchain
(pip)
Oct 19, 2023
Langchain Server-Side Request Forgery vulnerability
High
CVE-2023-32786
was published
for
langchain
(pip)
Oct 21, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload
High
CVE-2023-46124
was published
for
ethyca-fides
(pip)
Oct 24, 2023
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
High
CVE-2023-50731
was published
for
mindsdb
(pip)
Dec 15, 2023
D-Tale server-side request forgery through Web uploads
High
CVE-2024-21642
was published
for
dtale
(pip)
Jan 5, 2024
SSRF Vulnerability on assetlinks_check(act_name, well_knowns)
High
CVE-2024-29190
was published
for
mobsfscan
(pip)
Mar 22, 2024
gradio Server-Side Request Forgery vulnerability
High
CVE-2024-2206
was published
for
gradio
(pip)
Mar 27, 2024
Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-4642
was published
for
wandb
(pip)
May 16, 2024
•
withdrawn
MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding
High
CVE-2024-24759
was published
for
mindsdb
(pip)
Sep 5, 2024
LiteLLM Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-6587
was published
for
litellm
(pip)
Sep 13, 2024
GeoNode Server Side Request forgery
High
CVE-2023-40017
was published
for
geonode
(pip)
Nov 21, 2024
ProTip!
Advisories are also available from the
GraphQL API